LDAP with Zen 10

jrp611

MIS
Oct 10, 2005
66
US
I am setting up a server to start working with Zenworks 10, but the folks at Novell say to set up a server with eDirectory on the network tree and have the Zenworks 10 server (SUSE Linux) connect to that server via LDAP. This part is new to me, and I was looking for direction on where to find a good reference on how to set this up, and whether anyone has tried this out to see if it works.

Thanks
 
Do you already have eDirectory in your environment? All eDirectory servers can function as LDAP servers (LDAP is a service built in to eDirectory). So having that is a good start anyway.


Marvin Huffaker, MCNE
Marvin Huffaker Consulting, Inc.
A Novell Platinum Partner
 
I have a NetWare tree with 3 Linux servers in the tree with eDirectory 8.8 on the network and running Zenworks 7.0 SP3. I also have a Zenworks 10 SP2 server running on a SUSE Linux server with no eDirectory. Inside the Zenworks 10 management program there is a way to connect to the LDAP side of eDirectory, but when I configure the LDAP it is looking for the server and user name. I think there is a problem with the port that it is looking for. Also, I turned off the firewall on the Linux server to see if it would connect. The Zenworks 10 manual does not talk a lot about the LDAP that I could find.
 
It's making the assumption that you know how to work with LDAP. I would have done the same since LDAP is integral to eDirectory.

LDAP uses either port 389 or 636. 389 is clear text, 636 is secure, and your LDAP could be configured to allow either or have one or the other disabled. You'd have to look at your LDAP Server and Group objects and check to find out.

The user name would most likely be your eDir admin name or some other name you have set up. It needs this to authenticate to LDAP and pull the information. Apparently it doesn't want to do a public anonymous query, so a username is required.

The username should be in true LDAP format, meaning something like this: cn=admin,ou=context,o=org

Marvin



Marvin Huffaker, MCNE
Marvin Huffaker Consulting, Inc.
A Novell Platinum Partner
 
Hmm, I think I see the confusion here.

So, FYI: Zenworks is no longer integrated into eDirectory. Smart or stupid move on Novell's part, it's how it is.

So yeah, when you click on the LDAP, you need to give it one of your servers running an LDAP service. In your case, one of the OES servers. It will not auto-find it, it will not auto-configure it.

Note: whatever you use as your LDAP server, make sure reverse DNS lookup for the host is configured. Even if you simply use the IP address, it does not matter: the host must have a resolvable host name and reverse DNS must work. If not, LDAP lookups will be sllloooowww. Why? Beats me, it just is; ask the nerd that wrote the LDAP RFC.

BTW, make sure resolution is good all around for the ZCM server as well.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Brent Schmidt Senior Network Engineer
Keep IT Simple Novell Platinum Partner Microsoft Gold Partner
VMWare Enterprise Partner Citrix Gold Partner
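
A pre-flight check covering the two points raised in the replies above (which of ports 389 and 636 answers, and whether reverse DNS works for the LDAP host), as an added example that is not from any poster in this thread or from Novell. The function names are made up for illustration, and the port check only tests TCP reachability, not the TLS handshake or the bind itself.

```python
import socket
import sys

LDAP_PLAIN, LDAP_TLS = 389, 636  # the two ports named in the thread


def tcp_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port completes within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout), unreachable, unresolvable
        return False


def reverse_dns(host):
    """Resolve host to an IP, then return its PTR name, or None if either fails."""
    try:
        return socket.gethostbyaddr(socket.gethostbyname(host))[0]
    except OSError:  # gaierror and herror are both OSError subclasses
        return None


def preflight(host, plain_port=LDAP_PLAIN, tls_port=LDAP_TLS,
              timeout=3.0, resolve=reverse_dns):
    """Check port reachability and reverse DNS for an LDAP user source."""
    plain = tcp_open(host, plain_port, timeout)
    tls = tcp_open(host, tls_port, timeout)  # TCP only, no TLS handshake
    ptr = resolve(host)
    findings = []
    if not (plain or tls):
        findings.append("no LDAP port reachable: check the firewall and LDAP service")
    elif not tls:
        findings.append("only the clear-text port answers: a simple bind would "
                        "send the DN and password unencrypted")
    if ptr is None:
        findings.append("no reverse DNS for host: expect slow LDAP lookups")
    return {"plain": plain, "tls": tls, "ptr": ptr, "findings": findings}


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: preflight.py <ldap-host>")
    result = preflight(sys.argv[1])  # host is supplied by the operator
    for name in ("plain", "tls", "ptr"):
        print(f"{name}: {result[name]}")
    for finding in result["findings"]:
        print("WARN:", finding)
```

Run it from the ZENworks server against the eDirectory host, so the result reflects the firewall and resolver that the LDAP connection will actually use.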
 
Thanks for the tips... After looking at the ports, for some reason port 636 was being blocked, so I opened the port in the firewall on the server, and when I did that I was able to log in to the eDirectory server. I looked at the users in my Zenworks management console and could see all the users and groups. Also upgraded Zenworks to SP2. I like Zenworks 7.0 better than Zenworks 10. It will take time to get up and running; for the time being Zenworks 7 will still be the main program till I know 100% that Zenworks 10 is working the way I want it.
 